import com.mysql.jdbc.Driver;

import java.sql.*;
import java.util.Scanner;

public class jdbc {
    public static void main(String[] args) throws Exception {
//        method1();
        method2();

    }

    private static void method2()  {
//        String driver = "com.mysql.jdbc.Driver";
//        String URL = "jdbc:mysql://localhost:3306/jdbc";
//        String user = "root";
//        String pd = "root";
//        Connection con = DriverManager.getConnection(URL, user, pd);
        Connection con = null;
        PreparedStatement ps = null;
        ResultSet res = null;
        try {
            con = JdbcUtiles.getCon();
            String sql = "select * from jdbc where name= ?  and pwd=?";
            ps = con.prepareStatement(sql);
            ps.setString(1, "jack#");
            ps.setString(2, "123");
            res = ps.executeQuery();
            while (res.next()) {
                String id = res.getString(1);
                String name = res.getString(2);
                String pwd = res.getString(3);
                System.out.println(id + name + pwd);
            }
        } catch (SQLException throwables) {
            throwables.printStackTrace();
        } finally {
            JdbcUtiles.close(con,ps,res);
//            if (con != null) {
//                try {
//                    con.close();
//                } catch (SQLException throwables) {
//                    throwables.printStackTrace();
//                }finally {
//                    con=null;
//                }
//            }
//            if (res!=null) {
//                try {
//                    res.close();
//                } catch (SQLException throwables) {
//                    throwables.printStackTrace();
//                }finally {
//                    res=null;
//                }
//            }
//            if (ps!=null) {
//                try {
//                    ps.close();
//                } catch (SQLException throwables) {
//                    throwables.printStackTrace();
//                }finally {
//                    ps=null;
//                }
            }
        }


    private static void method1() throws SQLException {

        String driver = "com.mysql.jdbc.Driver";
        String URL = "jdbc:mysql://localhost:3306/jdbc";
        String user = "root";
        String pd = "root";
        Connection con = DriverManager.getConnection(URL, user, pd);
        Statement sta = con.createStatement();
        String a = new Scanner(System.in).nextLine();
        String b = new Scanner(System.in).nextLine();
//        名字输入后面两种值,都会产生SQL攻击问题: jack'# 或者 jack' or '1=1
        String sql = "select * from jdbc where name='" + a + "'and pwd=" + b + "'";
        ResultSet res = sta.executeQuery(sql);
        while (res.next()) {
            String id = res.getString(1);
            String name = res.getString(2);
            String pwd = res.getString(3);
            System.out.println(id + name + pwd);
        }
    }
}
